Академический Документы
Профессиональный Документы
Культура Документы
Overview
◦ Provides capabilities to manage multiple APS devices from one central
management console
◦ Both the APS and Console must be running a minimum version of 5.11 or
later
◦ The Console can be installed on an appliance or on a VMware hypervisor.
◦ Can manage APS on all platforms (Appliance, VMware, KVM)
Overview
◦ APS Console can be installed on the following appliance models
‒ APS Console 7000
‒ NSI 51XX
‒ NSI 52XX
◦ APS Console can be installed on the following hypervisor
‒ VMware vSphere 5.5 or later
Overview
◦ APS Console requires a license
◦ Licenses supported
‒ APS-Console
‒ APS-Console-VM
‒ NSI 51XX
‒ NSI 52XX
‒ NSI-Console-VM
◦ The APS console does not support cloud-based licenses
Before you connect APS devices to an APS Console, use the following
matrix to verify that the software versions of the APS devices and the APS
Console are compatible.
5.11 X X X ✔ X
5.12 X X X ✔ ✔
Symbol Rating
✔ Compatible
X Unsupported
Overview - Appliance
◦ The install process is similar to Arbor APS
◦ If prompted, select re(install) from flash
◦ Initial boot will launch the quick installation script
Netmask for interface mgt0: [255.255.255.0] snmp access from which network? [done]
255.255.248.0 telnet access from which network? [done]
Media for interface mgt0: [none] ssh access from which network? [done]
0.0.0.0/0
Default route: [none] 10.2.32.1
ssh access from which network? [done]
bgp access from which network? [done]
Generating new SSH host key file.....done.
http access from which network? [done] Current time and date: [051201572017.45]
https access from which network? [done] NTP server IP address: [done] 10.2.24.46
0.0.0.0/0 NTP server IP address: [done]
https access from which network? [done]
Overview - Appliance
◦ Once the system reboots, login using the default credentials
‒ Username: admin
‒ Password: arbor
◦ Update the admin password
admin@APSConsole:/# services aaa local password admin interactive
Changing password for user admin.
New password:
Re-enter new password:
Password changed
passwd: all authentication tokens updated successfully.
Overview - VMware
◦ Download the .ova file and documentation from https://update.arbor.net
◦ Deploy OVA using vSphere or vCenter
◦ System resources will automatically be set
‒ CPU: 2 Cores
‒ Memory: 4 GB
‒ HDD: 100 GB
◦ There is no quick installation script for VMware deployments
Overview
◦ Supported upgrade path is from NSI 5.7 to APS 5.11
◦ Before you begin
‒ Disconnect all APS’ from NSI 5.7
• Any APS’ connected to the Console during the upgrade will lose all their data.
‒ Perform a Backup of NSI 5.7
◦ Perform the Upgrade
◦ Initialize the database
‒ / services aps-console database initialize
◦ Upgrade all APS’ destined to be connected to the Console to version 5.11
◦ Connect APS’ to Console
‒ During this process all settings and configuration will be synchronized
Overview
◦ APS can only be connected to one APS Console
Adding APS
◦ Go to Administration > General
◦ In the Arbor Networks APS Console Connection
section enter the following info
‒ APS Console – IP or URL of the APS Console
‒ Shared Secret – A secret to be shared with the console.
◦ Click Save
◦ When the APS and Console are connected for the first time an initial bi-
directional sync occurs as seen in the Status section of the screen shot below.
‒ This is the only time a bi-directional sync will occur, moving configuration and setting will
only flow from the Console to the APS
◦ Once the initial sync is finished the Status should change to Good
Notes
◦ If a connection error occurs, a connection status box will appear. If no errors
occur the box will be hidden.
‒ The box will display information about the error
‒ Test Connection button will be displayed. Click to retry the connection.
Removing APS
◦ Go to Administration > General
◦ In the Arbor Networks APS Console Connection section remove the APS
console IP or URL and remove the Shared Secret by clicking the red minus(-)
icon to the right of the field
◦ Click Save
Removing APS
◦ On the APS Console, an alert will be displayed stating the APS is offline
◦ A new button to delete APS will appear, and clicking it will remove the APS
from the Console
Overview
◦ Create and manage protection groups for IPv4 and IPv6 hosts
◦ Assign protection groups to APS devices
◦ Centralized reports that aggregate data from multiple APS devices
◦ Configure server types and protection settings
◦ Manage Blacklist and Whitelists
◦ Monitor network traffic and status of the connected APS devices
◦ Monitor and respond to APS alerts
◦ Audit trail assists in monitoring system changes
Menu
Dashboard
◦ Click Dashboard in the menu bar
◦ View of traffic flowing through all APS
◦ Active alerts
◦ ATLAS Threat Categories
Summary
◦ Click on Summary in the menu bar
◦ You can view status of all APS
devices connected to the Console
Alerts
Explore > Alerts
◦ Display alerts from all APS devices
◦ Apply filters to narrow down your search
Protection Group
Protect > Inbound Protection > Protection Groups
◦ Here you can view details of configured protection groups and create new
protection groups
Manage Blacklist
Protect >
Inbound/Outbound
Protection > Blacklist
Toggle Blacklist
◦ Use the tab on the top of the page to toggle between IP Address and
Domains and URL
◦ IP address include Blacklist Hosts, and Blacklist Countries
Add Blacklist
◦ Enter the desired IP Address, CIDR, Country, Domain, or URL in the Field
and click Add
Delete Blacklist
◦ Click the red minus(-) button to remove the value from blacklist
◦ Optionally you also can Whitelist the entry by clicking the whitelist button
Manage Whitelist
Protect > Inbound/Outbound Protection > Whitelist
Add Whitelist
◦ Enter the desired IP Address, CIDR, Country, Domain, or URL in the Field
and click Add
Delete Whitelist
◦ Click the red minus(-) button to remove the entry
◦ Optionally you also can Blacklist the entry by clicking the Blacklist button
Centralized Reports
◦ Click on Reports in the top menu bar
◦ Here you can configure a new report or view existing report
Viewing Reports
◦ Click on a report to open it
◦ Report contains the below
statistics
‒ Cloud Signaling
‒ DDoS Protection
‒ Top Inbound Countries
‒ Top Blocked Threat Categories
‒ Top Inbound Sources/Destinations
‒ APS Devices
‒ Protections Groups
Create Reports
◦ Click on Configure New Report
◦ Provide a Date Range and click Next
◦ Select APS Devices and click Next
◦ Select Protection Groups and click Next
◦ Add a name
◦ Add a description
◦ Add audit trail message
◦ Add delivery options
◦ Click Submit
Delete Reports
◦ Select a report and click the Delete button.
Manage Files
Administration > Files
◦ Manage files
◦ Create and Manage
Diagnostic Packages
◦ Upload SSL Certificates
◦ Upload Custom Logo
◦ Download SNMP MIB files
Manage Files
◦ To view and manage files files from other connected APS, select a different
device from the dropdown
Configure Notifications
Administration > Notifications
◦ Manage various methods of notifications
‒ Email
‒ SNMP
‒ Syslog
◦ Set default “From” address
for notifications